By Markus Hoffmeister, cryptovision
Implementing an ID project is an immense investment for any government or public sector institution. With lifetimes as long as ten years, identification schemes are all about return on investment. Whether it is a national ID project on the African continent or an educational ID project in South America, the total cost can make or break a successful implementation.
For governments throughout the world, planning to implement, to re-launch or to optimize ID schemes, Total Cost of Ownership will be one of the biggest considerations and influencing factors. It is unique to the public sector segment, that ID schemes are essentially designed to support physical ID cards with a lifetime of up to ten years. Therefore, it is important to make the overall requirements, service and follow-up costs as transparent as possible at the beginning of the procurement process.
Cryptovision’s portfolio covers all security relevant components for a complete solution for state-sponsored ID schemes and corporate ID systems: From the applications on the document, to the tools to create the profiles and personalization, and the middleware to connect to the document and terminal and the Public Key Infrastructure for the administration of keys and certificates. All products follow international, transparent specifications. This means that there is no supplier lock-in for customers and that know-how can be transferred if required. Cryptovision can deliver complete ID systems or components of such systems, depending on customer preferences. With this kind of flexibility, each country can build its own value chain locally, which is hugely beneficial in terms of Total Cost of Ownership.
In terms of components, when looking at cryptovision’s flexible and secure smart card and token middleware, it supports all card profiles and operating systems and is designed to connect the smart card or token to virtually any PKI enabled application. It is a sophisticated universal middleware, with support for dozens of smart cards, security tokens of several different form factors and all major desktop operating systems. This allows the client to choose whatever desktop option is most cost effective, allowing the optimization of the overall investment.
The innovative ePasslet Suite is a modern Java Card applet suite, providing a complete set of common applications for electronic identity cards, electronic travel documents, electronic driving licenses, and other similar documents. It supports many international standards and enables international customers to transfer know-how to local suppliers. This, together with the unique feature of cryptovision’s ePS that additional document applications can be instantiated after issuance without any impact on the already running apps and their certifications, improves long-term Total Cost of Ownership.
As a key vendor to the Ghanaian prime contractor Identity Management Systems (IMS), a subsidiary of Margins Group, cryptovision delivered critical components for the project, including the applications on the eID card, the backend certificate infrastructure, and middleware components used at the card issuance terminals.
The Ghanaian government has ambitious goals to issue a total of 16 million eIDs to its citizens within 12 months. The GhanaCard is a multi-application document. In addition to the primary function of identity verification, it also serves as a passport equivalent for travel within the ECOWAS sub region. Furthermore, it will enable strong two-factor authentication as a password replacement for eGovernment services online and can be used for digital signature of electronic documents. It is also suitable for financial transactions, as the plan is to enable citizens to activate the payment application after card issuance.
To ensure the security of the GhanaCard and its infrastructure, the Ghanaian government rely on technology provided by cryptovision: For the functions on the card and also the Public Key Infrastructure (PKI), as well as the token based access to the PKI. The GhanaCard PKI, which is designed for 16 million certificate holders, ranks among the most advanced certificate management systems worldwide – incorporating several certification authorities (CAs) and multiple certificates on each card.
With 160 million citizens, Nigeria is Africa’s most populous country. As part of an ambitious Presidential initiative, adult Nigerians and resident legal aliens are issued advanced multipurpose electronic identity cards. cryptovision plays a critical role in this mammoth project, as the majority of the applications on this eID card are based on ePasslet Suite. These include an ICAO compliant travel application, a national eID application, and a digital signature application, which include support for biometric Fingerprint Match-on-Card functionality provided by a cryptovision technology partner. The number of applications will grow in the future stages of the project thanks to the unique architecture of ePasslet Suite, which enables infield update and provides additional features.